-
Suggestion
-
Resolution: Fixed
-
None
-
None
Since CWD-4271, deleting an empty session token results in invalidating all sessions. As this was never an expected value, specifically check for it and fail locally.
At the same time, check for cases that are calling this conditionally on having a session token and ensure they don't treat it as something that can be invalidated.
- causes
-
JRACLOUD-65801 All users are logged out of JIRA Cloud every 1 or 2 minutes
-
- Closed
-
- is related to
-
JRACLOUD-41559 Some REST calls return 200 with no body and AUTHENTICATED_FAILED
-
- Closed
-
-
JRACLOUD-65801 All users are logged out of JIRA Cloud every 1 or 2 minutes
-
- Closed
-
-
JRASERVER-41559 Some REST calls return 200 with no body and AUTHENTICATED_FAILED
-
- Gathering Impact
-
- relates to
-
JRACLOUD-65853 Upgrade Crowd to 2.8.3+
-
- Closed
-
-
CWD-4271 As an admin, I want to bulk-expire SSO sessions
- Closed
[CWD-4342] Don't try to invalidate a session ID of an empty string
Workflow | Original: JAC Suggestion Workflow [ 3388306 ] | New: JAC Suggestion Workflow 3 [ 3630262 ] |
Status | Original: RESOLVED [ 5 ] | New: Closed [ 6 ] |
Workflow | Original: Simplified Crowd Development Workflow v2 [ 1393364 ] | New: JAC Suggestion Workflow [ 3388306 ] |
Issue Type | Original: Improvement [ 4 ] | New: Suggestion [ 10000 ] |
Link | New: This issue is related to JRACLOUD-43151 [ JRACLOUD-43151 ] |
Workflow | Original: Crowd Development Workflow v2 [ 857843 ] | New: Simplified Crowd Development Workflow v2 [ 1393364 ] |
Remote Link | New: This issue links to "Page (Extranet)" [ 143465 ] |
Remote Link | New: This issue links to "Page (Extranet)" [ 103928 ] |
This started affecting us yesterday. CROWD is a system integration and I don't see any way of disabling it. It is a huge problem for our users, as our developers and sysadmins are in jira all through the day. Waiting for the 'next release' is really not an option for us. I need a workaround.